<?php /*
	
*/ ?>
<?php include("system/config.inc.php");
$donotinclude = 1;
// Admin gate: every action and every piece of markup below this point assumes
// an authenticated admin. The only thing verified is that the session carries
// an 'adminuserid' key; unauthenticated requests are bounced to the login page
// and the script stops so nothing further executes or renders.
// NOTE(review): the session is presumably started inside config.inc.php, and
// the purpose of $donotinclude is not visible in this file - confirm both.
$admin_logged_in = isset($_SESSION['adminuserid']);
if($admin_logged_in === false)
{
	header("location:index.php?msg=logfirst");
	exit();
}

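// INSERT a new customer from the admin "Add New Customer" form.
//
// Review notes:
// - $_REQUEST is filled from the query string as well as the POST body and no
//   anti-CSRF token is checked, so any request that carries the admin session
//   can create a customer. NOTE(review): read from $_POST and verify a
//   per-session token; the form has to emit that token, so it is not done here.
// - The only field validation visible in this file is the client-side check()
//   on the submit button; nothing here validates values beyond SQL escaping.
// - The mysql_* extension used throughout was removed in PHP 7; moving to
//   prepared statements (PDO/mysqli) removes the per-field escaping entirely.
if(isset($_REQUEST['Submit']) && trim($_REQUEST['Submit']) == "Submit")
{
	$email = mysql_real_escape_string($_REQUEST['email']);
	$fname = mysql_real_escape_string($_REQUEST['fname']);
	$lname = mysql_real_escape_string($_REQUEST['lname']);
	// SECURITY: unsalted MD5 is not an acceptable password hash. It is kept
	// only because the code that verifies `varcustpassword` at login is not
	// visible here; migrate both sides together to password_hash() /
	// password_verify() and rehash existing accounts on their next login.
	$password = md5($_REQUEST['password']);
	$birthdate = mysql_real_escape_string($_REQUEST['birthdate']);

	// Default to an empty value so the INSERT never reads an undefined
	// variable when no radio button was submitted.
	$varsex = "";
	if(isset($_REQUEST['radiobutton']))
	{
		if($_REQUEST['radiobutton']==1)
		{
			$varsex = "Male";
		}
		elseif($_REQUEST['radiobutton']==2)
		{
			$varsex = "Female";
		}
	}

	// The checkbox posts "1" when ticked and is absent otherwise. The value
	// used to reach the INSERT unescaped; forcing it to an integer closes
	// that injection point.
	if(isset($_REQUEST['slt']) && ($_REQUEST['slt'])!="")
	{
		$newsletter = (int) $_REQUEST['slt'];
	}
	else
	{
		$newsletter = 0;
	}

	$phoneno = mysql_real_escape_string($_REQUEST['phoneno']);
	if(isset($_REQUEST['faxno']) && ($_REQUEST['faxno'])!="")
	{
		$faxno = mysql_real_escape_string($_REQUEST['faxno']);
	}
	else
	{
		$faxno = 0;
	}

	// address fields
	$houseno = mysql_real_escape_string($_REQUEST['houseno']);
	$add1 = mysql_real_escape_string($_REQUEST['add1']);
	$postcode = mysql_real_escape_string($_REQUEST['postcode']);
	$city = mysql_real_escape_string($_REQUEST['city']);
	$state = mysql_real_escape_string($_REQUEST['state']);
	$country = mysql_real_escape_string($_REQUEST['country']);

	// Check availability: let the database look for the address instead of
	// loading every customer e-mail and comparing in PHP. The old loop also
	// compared stored values against the *escaped* input, so an address
	// containing a quote could never match. The comparison now follows the
	// column collation (usually case-insensitive).
	// NOTE(review): a UNIQUE index on `varcustemail` is still needed to make
	// this check race-free.
	$sql2 = "select `varcustemail` from tblcustomers where `varcustemail` = '$email' limit 1";
	$result = $obj_db->select($sql2);
	if(is_array($result) && count($result) > 0)
	{
		header("location:customer.php?msg=sameuser");
		die();
	}

	$insert="INSERT INTO `tblcustomers` (`charcustsex` , `varcustfname` , `varcustlname` ,`dtdob`, `varcustemail`,`varhouseno`,`varstreetname`,`varpostalcode`,`varcity`,`varstate`,`varcountry`,`varcustphone`,`varcustfax`,`varcustpassword`,`intnewsletter`,`intstatus`,`dtregtime` ) 
				VALUES ('$varsex', '$fname', '$lname','$birthdate', '$email','$houseno','$add1','$postcode','$city','$state','$country','$phoneno','$faxno','$password','$newsletter','1',NOW())";
	$sql = $obj_db->insert($insert);
	header("location:customer.php?msg=add");
	die();
}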



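// DELETE record from database
//
// Review notes:
// - The customer id used to be interpolated into the DELETE statement straight
//   from the request. It is now forced to an integer before it reaches SQL.
// - The emptiness test had a misplaced parenthesis (trim() was applied to the
//   result of the comparison); it now trims the value and then compares.
// - This destructive action is triggered by a plain GET link from the listing
//   and carries no anti-CSRF token. NOTE(review): move it to a POST form with
//   a per-session token; that needs a matching change in the listing markup.
if(isset($_REQUEST['a']) && trim($_REQUEST['a'])==3)
{
	if(isset($_REQUEST['intcusid']) && trim($_REQUEST['intcusid'])!="")
	{
		$screen_id = (int) trim($_REQUEST['intcusid']);
		$sql_del = "Delete from tblcustomers where intcusid ='$screen_id'";

		// NOTE(review): this is the only statement in the file that bypasses
		// $obj_db and calls mysql_query() directly; the result is not checked,
		// so the redirect reports "del" even if the query failed.
		$delete = mysql_query($sql_del);

		header("location:customer.php?msg=del");
		die();
	}
}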


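// Defaults for every variable the add/edit form prints. They are reset here so
// the form renders empty in "add" mode; the edit loader below overwrites them
// with the stored customer row.
$slt1 = "";        // "checked" marker for the Male radio button
$slt2 = "";        // "checked" marker for the Female radio button
$slt = 0;          // newsletter flag; the form reads it even in "add" mode
$email1 = "";
$fname1 = "";
$lname1 = "";
// The password inputs are only rendered in "add" mode, where no stored value
// exists; defining them here avoids printing an undefined variable.
$password1 = "";
$password21 = "";
$birthdate1 = "";
$add1 = "";
$phoneno1 = "";
$houseno = "";
$postcode = "";
$city = "";
$state = "";
$country = "";
$faxno1 = "";
// 1 = the form submits as "Submit" (add), 2 = it submits as "Update" (edit).
$action = 1;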
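// EDIT: load the customer row for the edit form and, when the form comes back
// with Submit=Update, write the changes.
//
// Review notes:
// - $screen_id is later printed into the page (the "Change Password?" link)
//   and reused in SQL, so it is constrained to an integer here instead of only
//   being SQL-escaped.
// - As with the other actions, $_REQUEST is used and no anti-CSRF token is
//   verified. NOTE(review): switch to $_POST plus a per-session token.
if((isset($_REQUEST['a']) && trim($_REQUEST['a'])==2) && (!(isset($_REQUEST['Submit']) && 
trim($_REQUEST['Submit']) == "Submit")))
{
 	if(isset($_REQUEST['intcusid']) && trim($_REQUEST['intcusid'])!="")
 	{
		$screen_id = (int) trim($_REQUEST['intcusid']);
		$sql = "select * from tblcustomers where intcusid ='$screen_id'";
		$result = $obj_db->select($sql);
		// Treat a failed query the same as an empty result; count() on a
		// non-array would otherwise let execution continue without a row.
		if(!is_array($result) || count($result)<=0)
		{
			echo " No Record Found!<br>";
			die();
		}

		foreach($result as $row)
		{
			$email1 = $row['varcustemail'];
			$fname1 = $row['varcustfname'];
			$lname1 = $row['varcustlname'];
			// The stored password hash is deliberately not copied into
			// template variables: the edit form never shows password inputs.
			$birthdate1 = $row['dtdob'];
			$houseno = $row['varhouseno'];
			$sex = $row['charcustsex'];
			$slt1 = "";
			$slt2 = "";
			if($sex=="Male")
			{
				$slt1 = "checked";
			}
			else
			{
				$slt2 = "checked";
			}
			$add1 = $row['varstreetname'];
			$postcode = $row['varpostalcode'];
			$city = $row['varcity'];
			$state = $row['varstate'];
			$country = $row['varcountry'];
			$slt = $row['intnewsletter'];
			$phoneno1 = $row['varcustphone'];
			$faxno1 = $row['varcustfax'];

			// Switches the form's submit button to "Update".
			$action = 2;
		}

		if(isset($_REQUEST['Submit']) && trim($_REQUEST['Submit']) == "Update")
		{
			$email = mysql_real_escape_string($_REQUEST['email']);
			$fname = mysql_real_escape_string($_REQUEST['fname']);
			$lname = mysql_real_escape_string($_REQUEST['lname']);
			$birthdate = mysql_real_escape_string($_REQUEST['birthdate']);

			// Keep the stored value when no radio button is submitted rather
			// than writing an undefined variable into the row.
			$varsex = mysql_real_escape_string($sex);
			if(isset($_REQUEST['radiobutton']))
			{
				if($_REQUEST['radiobutton']==1)
				{
					$varsex = "Male";
				}
				elseif($_REQUEST['radiobutton']==2)
				{
					$varsex = "Female";
				}
			}

			// An unticked checkbox is simply absent from the request.
			$slt = isset($_REQUEST['slt']) ? (int) $_REQUEST['slt'] : 0;
			$phoneno = mysql_real_escape_string($_REQUEST['phoneno']);
			$faxno = mysql_real_escape_string($_REQUEST['faxno']);
			//address fields
			$houseno = mysql_real_escape_string($_REQUEST['houseno']);
			$add1 = mysql_real_escape_string($_REQUEST['add1']);
			$postcode = mysql_real_escape_string($_REQUEST['postcode']);
			$city = mysql_real_escape_string($_REQUEST['city']);
			$state = mysql_real_escape_string($_REQUEST['state']);
			$country = mysql_real_escape_string($_REQUEST['country']);

			// Two fixes in this statement:
			// - dtdob used the value just read back from the database
			//   ($birthdate1, unescaped) instead of the submitted, escaped
			//   $birthdate, so edits to the date were never saved;
			// - the submitted postal code was read but never written.
			// NOTE(review): dtregtime is reset to NOW() and intstatus forced
			// to 1 on every edit, although the listing shows dtregtime as
			// "Account Created" - confirm that is intended.
			$sql_upd ="UPDATE tblcustomers SET charcustsex = '$varsex', varcustfname = '$fname', varcustlname = '$lname', dtdob = '$birthdate', varcustemail = '$email', varhouseno = '$houseno', varstreetname = '$add1', varpostalcode = '$postcode', varcity = '$city', varstate = '$state', varcountry = '$country', varcustphone = '$phoneno', varcustfax = '$faxno', intnewsletter = '$slt', dtregtime = NOW(), intstatus = '1' WHERE intcusid ='$screen_id'";

			$result = $obj_db->sql_query($sql_upd);

			header("location:customer.php?msg=edit");
			die();
		}
	}
}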



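// change status Approve or Not Approve
//
// status=0 sets intstatus to 1, status=1 sets it to 0 (same mapping as before).
//
// Review notes:
// - The id is placed in the statement without quotes, so SQL escaping alone
//   did not protect it; it is now forced to an integer.
// - The old loose comparison `trim(...) == 0` is true for any non-numeric or
//   empty string on the PHP versions that still ship mysql_*, so an arbitrary
//   `status` value flipped a customer to approved. Only the exact strings "0"
//   and "1" are accepted now.
// - State change without an anti-CSRF token. NOTE(review): require POST plus a
//   per-session token.
if(isset($_REQUEST['status']) && isset($_REQUEST['intcusid']))
{
	$requested_status = trim($_REQUEST['status']);
	$raw_customer_id = trim($_REQUEST['intcusid']);

	if(($requested_status === "0" || $requested_status === "1") && $raw_customer_id !== "")
	{
		$screen_id = (int) $raw_customer_id;
		$new_status = ($requested_status === "0") ? 1 : 0;
		$sql = "update tblcustomers set intstatus = $new_status where intcusid = $screen_id";

		$update = $obj_db->sql_query($sql);

		header("location:customer.php");
		die();
	}
}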



?>

<?php include("inc/header.php");?>
<body>

<script language="javascript" src="js/scw.js"></script>
<script language="javascript" src="js/customer.js"></script>


<table width="80%" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" class="middlebackground">
<tr>
<td align="center" valign="top" ><?php include(INC."top.inc.php");?></td>
</tr>
<tr>
<td valign="top">

<table width="100%" border="0" cellspacing="0" cellpadding="0" align="center">
  <tr>
    <td><table width="100%"  border="0" align="center" cellpadding="0" cellspacing="0">
      <tr>
        <td valign="top">
<?php
if(isset($_REQUEST['script']))
{
	if(trim($_REQUEST['script'])=='addcustomer' || trim($_REQUEST['script'])=='editcustomer')
	{
	?>
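<?php
// Add / edit customer form.
//
// Every value printed into the markup goes through htmlspecialchars() with
// ENT_QUOTES: the fields are stored customer data and were previously echoed
// raw into attribute values. No charset argument is passed so the PHP default
// applies. NOTE(review): confirm the page charset and pass it explicitly.
//
// Other changes:
// - The password inputs are no longer pre-filled. They are only shown in "add"
//   mode, where no stored value exists, and a stored hash must never be
//   written into the page.
// - In "add" mode both radio buttons carried value="2", so choosing "Male"
//   was saved as "Female"; Male now submits 1.
// - The radio state comes from $slt1/$slt2 (set when the row was loaded)
//   instead of a second query built from $screen_id. When neither is marked
//   the form defaults to Female, as the "add" form did before.
// - Request values that were copied into variables nothing reads (mail_add,
//   forum, password, firstname, lastname, birthdate, add_1, cell) are gone,
//   as is the commented-out markup.
// NOTE(review): the form carries no anti-CSRF token; adding one needs a
// matching check in the handlers at the top of this file.
$form_title = "";
if($_REQUEST['script']=='addcustomer'){ $form_title = "Add New Customer..."; }
if($_REQUEST['script']=='editcustomer'){ $form_title = "Edit Customer..."; }

$male_checked = ($slt1 == "checked") ? ' checked="checked"' : '';
$female_checked = ($male_checked == '') ? ' checked="checked"' : '';
// $slt is only guaranteed to exist after a row was loaded for editing.
$newsletter_checked = (isset($slt) && $slt == 1) ? ' checked="checked"' : '';
?>
<form name="form" method="post" action="" >
  <table width="70%" align="center" cellpadding="2" cellspacing="2" class="border">
	<tr class="bg1">
	<td align="center"><strong>
	  <?php echo $form_title; ?>
	</strong></td>
	</tr>
	<tr >
	  <td>
	  <table width="100%" border="0" align="center" cellpadding="2" cellspacing="2">
			<tr>
			  <td align="right" class="sltimg">&nbsp;</td>
			  <td align="right">(* All fields are Required)</td>
			</tr>
			<tr>
			  <td width="127" align="right" class="sltimg">*Email : </td>
			  <td width="224"><input name="email" type="text" class="textfield" id="email" value="<?php echo htmlspecialchars($email1, ENT_QUOTES); ?>" size="35"></td>
			</tr>
			<tr>
			  <td align="right" class="sltimg">*First Name : </td>
			  <td><input name="fname" type="text" class="textfield" id="fname" value="<?php echo htmlspecialchars($fname1, ENT_QUOTES); ?>" size="35" /></td>
			</tr>
			<tr>
			  <td align="right" class="sltimg">*Last Name : </td>
			  <td><input name="lname" type="text" class="textfield" id="lname" value="<?php echo htmlspecialchars($lname1, ENT_QUOTES); ?>" size="35" /></td>
			</tr>
			<?php if($action==1) { ?>
			<tr>
			  <td align="right" class="sltimg">*Password : </td>
			  <td><input name="password" type="password" class="textfield" id="password" value="" size="35" /></td>
			</tr>
			<tr>
			  <td align="right" class="sltimg">*Confirm Password : </td>
			  <td><input name="password2" type="password" class="textfield" id="password2" value="" size="35" /></td>
			</tr>
			<?php } ?>
			<tr>
			  <td align="right" class="sltimg">*Date of Birth : </td>
			  <td class="fntstyle1"><input name="birthdate" type="text" class="textfield" id="birthdate"  value="<?php echo htmlspecialchars($birthdate1, ENT_QUOTES); ?>"/>
			  (day/month/year)</td>
			</tr>
			<tr>
			  <td align="right" class="sltimg">*Sex : </td>
			  <td>
			  <input name="radiobutton" type="radio" value="1"<?php echo $male_checked; ?> />Male
			  <input name="radiobutton" type="radio" value="2"<?php echo $female_checked; ?> />Female
			  </td>
			</tr>
			<tr>
			  <td align="right" valign="top" class="sltimg"><span class="fontsmall">House Number</span> : </td>
			  <td><input name="houseno" type="text" class="feature_headingbg" id="houseno" value="<?php echo htmlspecialchars($houseno, ENT_QUOTES); ?>" /></td>
			</tr>
			<tr>
			  <td align="right" class="sltimg"><span class="fontsmall">Street Name:</span></td>
			  <td><input name="add1" type="text" class="feature_headingbg" id="add1" value="<?php echo htmlspecialchars($add1, ENT_QUOTES); ?>"/></td>
			</tr>
			<tr>
			  <td align="right" class="sltimg"><span class="fontsmall">Town:</span></td>
			  <td><input name="city" type="text" class="feature_headingbg" id="city" value="<?php echo htmlspecialchars($city, ENT_QUOTES); ?>" /></td>
			</tr>
			<tr>
			  <td align="right" class="sltimg"><span class="fontsmall">State:</span></td>
			  <td><input name="state" type="text" class="feature_headingbg" id="state" value="<?php echo htmlspecialchars($state, ENT_QUOTES); ?>" /></td>
			</tr>
			<tr>
			  <td align="right" class="sltimg"><span class="fontsmall">Country:</span></td>
			  <td><input name="country" type="text" class="feature_headingbg" id="country"  value="<?php echo htmlspecialchars($country, ENT_QUOTES); ?>"/></td>
			</tr>
			<tr>
			  <td align="right" class="sltimg"><span class="fontsmall">Postal Code</span>:</td>
			  <td><input name="postcode" type="text" class="feature_headingbg" id="postcode" value="<?php echo htmlspecialchars($postcode, ENT_QUOTES); ?>" /></td>
			</tr>
			<tr>
			  <td align="right" class="sltimg">*News Letter : </td>
			  <td><input name="slt" type="checkbox" value="1"<?php echo $newsletter_checked; ?> /></td>
			</tr>
			<tr>
			  <td align="right" class="sltimg">*Daytime Phone : </td>
			  <td><input name="phoneno" type="text" class="textfield" id="phoneno" value="<?php echo htmlspecialchars($phoneno1, ENT_QUOTES); ?>" size="35" /></td>
			</tr>
			<tr>
			  <td align="right" class="sltimg">*Eveningtime  Phone: </td>
			  <td><input name="faxno" type="text" class="textfield" id="faxno" value="<?php echo htmlspecialchars($faxno1, ENT_QUOTES); ?>" size="35" /></td>
			</tr>
			<tr>
			  <td>&nbsp; </td>
			  <?php // The closing </td> used to sit inside the condition, leaving the cell unclosed in "add" mode. ?>
			  <td><?php if($action==2) { ?><a href="changecustomerpassword.php?intcusid=<?php echo urlencode($screen_id); ?>" class="error">Change Password?</a><?php } ?></td>
			</tr>
			<tr>
			  <td colspan="2" align="center">
				<input name="Submit" type="submit" class="btn" 
				onClick="return check();" value="<?php echo ($action==2) ? "Update":"Submit"; ?>">	</td>
			</tr>
	  	</table> 	  </td>
	</tr>
	</table></form>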
	<?php
	}
}
else
{
?>
<br />
<table width="85%" border="0" align="center" cellpadding="1" cellspacing="0" class="border">
	  <tr class="bg1">
		<td height="20" align="left">
		  <strong>Customers...</strong>		  </td>
	    <td align="right"><a class="new" href="customer.php?script=addcustomer">[NEW]</a></td>
	  </tr>

		<tr><td colspan="4" class="box">
		<table width="100%"  border="0" align="center" cellpadding="2" cellspacing="2" >
		     
		  <tr>
		    <td colspan="10" align="left">&nbsp;          </td>
		    </tr>
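			<?php
			// Rows-per-page selector. The submitted value is only compared
			// against the fixed option list and never printed. The markup is
			// repaired at the same time: the <form> sat directly inside the
			// table with no opening <tr>, and "selected" was glued onto the
			// value attribute with no separating space.
			$rows = "";
			if(isset($_REQUEST['page']) && ($_REQUEST['page'])!="")
			{
				$rows = $_REQUEST['page'];
			}
			$page_sizes = array(
				array('0', 'All'),
				array('5', '5 Per Page'),
				array('10', '10 Per Page'),
				array('15', '15 Per Page'),
			);
			?>
			<tr>
			<td colspan="11" align="left">
			<form name="form1" method="post">
			Row per Page:
              <select name="page" onChange="document.form1.submit();">
			<?php foreach($page_sizes as $page_size) { ?>
                <option value="<?php echo $page_size[0]; ?>"<?php if($rows==$page_size[0]){echo ' selected="selected"';} ?>><?php echo $page_size[1]; ?></option>
			<?php } ?>
              </select>
			</form></td></tr>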
		 <!-- <tr>
		    <td colspan="9" align="left">Search By Email: 
		      <input name="search" type="text" id="search" />
		      <input name="Submit2" type="submit" class="btn" value="Go" /></td>
		  </tr></form>-->
		  <tr class="tblbg3">
		  <td align="center">E-Mail</td>
			<td height="20" align="center">Last Name</td>
			<td align="center">First Name</td>
			<!--<td align="center">Address</td>-->
			<td align="center">Account Created</td>
			<td align="center">Details</td>
			
			<td align="center">Orders</td>
			
			<!--<td align="center">Status</td>-->
			<td align="center">Edit</td>
			<td align="center">Delete</td>
		  </tr>
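	<?php
		/**************************************
		PAGING CODE START
		**************************************/
		// The page size is request-controlled and is handed to the paging
		// include, so it is reduced to a positive integer first. Anything else
		// falls back to the "All" size of 10000 rows.
		// NOTE(review): paging.inc.php is not visible here; confirm it does
		// not read $_REQUEST['page'] on its own.
		$requested_rows = isset($_REQUEST['page']) ? (int) $_REQUEST['page'] : 0;
		if($requested_rows > 0)
		{
			$rows = $requested_rows;
			$rowperpage = $rows;
		}
		else
		{
			$rowperpage = $rows = 10000;
		}
		$tablename="tblcustomers";
		$per_page_keywords= "";
		$per_page_sorts= "";
		include("system/paging.inc.php");

		/**************************************
		PAGING CODE ENDING
		**************************************/

	// $page_no and $row_per_page are presumably set by paging.inc.php; they are
	// cast before being concatenated into LIMIT so only integers reach the SQL.
	$limit_rows = (int) $row_per_page;
	$limit_offset = max(0, (int) $page_no * $limit_rows);

	if(isset($_REQUEST['search']) && ($_REQUEST['search'])!="")
	{
		// The search box is commented out in the markup, but the parameter is
		// still honoured and used to be concatenated into the LIKE clause
		// unescaped. % and _ in the term keep acting as wildcards, as before.
		$search_term = mysql_real_escape_string($_REQUEST['search']);
		$sql_select = "select * from ".$tablename." WHERE `varcustemail` LIKE '%".$search_term."%' Limit ".$limit_offset.",".$limit_rows;
	}
	else
	{
		$sql_select = "select * from ".$tablename." Limit ".$limit_offset.",".$limit_rows;
	}

	$sql = $obj_db->select($sql_select);
	if($sql)
	{
		$row_total = count($sql);
		for($j=0;$j<$row_total;$j++)
		{
			$row = $sql[$j];
			$screen_id = (int) $row['intcusid'];
			// Same alternation as before: even-numbered rows (counting from 1)
			// are "Hrnormal", odd-numbered rows are "Hralter".
			$row_class = (($j+1)%2==0) ? "Hrnormal" : "Hralter";
			// Stored customer data is HTML-escaped before it is printed; it
			// was previously echoed raw into the table.
			// NOTE(review): srchwordchangestyl() and printdate() are defined
			// elsewhere. The e-mail is escaped before it is handed to
			// srchwordchangestyl(); confirm that helper neither double-escapes
			// nor adds raw request data to its output.
			$cust_email = htmlspecialchars($row['varcustemail'], ENT_QUOTES);
			$cust_lname = htmlspecialchars($row['varcustlname'], ENT_QUOTES);
			$cust_fname = htmlspecialchars($row['varcustfname'], ENT_QUOTES);
	?>
			<tr align="center" class="<?php echo $row_class; ?>" onMouseOver="this.className='Hrhover';"  
				onMouseOut="this.className='<?php echo $row_class; ?>';">        
				<td><?php echo srchwordchangestyl($cust_email);?></td>
				<td><?php echo $cust_lname;?></td>
				<td><?php echo $cust_fname;?></td>
				<td><?php echo printdate($row['dtregtime']);?></td>
				<td><a Title='Click here for Member Details' href="customerdetails.php?detail=memberdetail&memberID=<?php echo $screen_id;?>" class="aa">Details</a></td>
				<td><a Title="Click here for Order Details" href="orders.php?cust=<?php echo $screen_id;?>" class="aa">Orders</a></td>
				<td><a class="link" Title="Click here to Edit" href="customer.php?script=editcustomer&a=2&intcusid=<?php echo $screen_id;?>">
				<img src="images/edit.bmp" alt="Edit" border="0"></a></td>
				<?php // NOTE(review): delete is a GET link guarded only by a JS confirm(); it should be a POST with an anti-CSRF token. ?>
				<td><a Title="Click here to Delete" class="link" href="customer.php?a=3&intcusid=<?php echo $screen_id;?>" 
				onClick="return confirm('Are you sure to delete this record ?');">
				<img src="images/delete.bmp" alt="Delete" border="0"></a></td>	
			</tr>
	<?php
		}
		// The pagination row is printed once after the loop; the old markup
		// opened a stray <tr> at the end of every iteration.
	?>
			<tr>
			  <td colspan="10" align="center" >
			  <?php pagindet_atbotttom_page($div_page_no,$page_no,$req_querystr,$total_db_rec,$row_per_page); ?>            </td>
		  </tr>
	<?php
	}
	?>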
  </table></td>
  </tr>
</table>	
<?php
}
?></td>
      </tr>
    </table></td>
  </tr>
</table>

</td>
</tr>
<tr><td align="center">&nbsp;</td>
</tr>
</table>
</body>
</html>